Is The IPhone 8’s Facial Recognition Tech Doomed Be Hacked?

Each new iPhone model released by Apple comes with several innovative features. Usually, the camera has more megapixels, the display quality increases, and bulky buttons slowly disappear. Lately, Apple’s new iPhone features have also included better security technologies to prevent unauthorized access to your data.

While all iPhones come with the option to set a 4-digit pin to access your phone, some models come with a fingerprint sensor. Stepping up their game, the soon-to-be-released iPhone 8 has been confirmed by Apple to feature facial recognition technology. Soon, you’ll be unlocking your phone with a glance.

Facial recognition gets hacked with a photograph

Recently, German hackers broke the security of the Samsung Galaxy 8 iris recognition security feature with a printed photograph and contact lenses. Despite Samsung’s claims that the technology provides “airtight security,” it’s clear they’ve got a long way to go.

If Samsung’s technology is easily hacked, what about Apple’s?

Rumor has it that fingerprint identification will be eliminated, and facial recognition will be 3D – one step up from Samsung’s 2D iris scanning disaster.

Apple has been a leader in computer technology for decades, and it’s hard to imagine something created by Apple meeting the same fate as Samsung.

Apple’s patented 3D facial recognition technology transcends the simplicity of recognizing faces on a 2D surface. The company plans to use it for more than just security. This technology will allow sleeping Macs to wake in the presence of recognized faces to perform functions, and will even be used to initiate a payment through Apple Pay.

The problem is, we won’t know how vulnerable Apple’s technology is until the iPhone 8 is launched. Despite this uncertainty, Apple continues to improve data security across all iOS devices, making the iPhone one of the most secure smartphones on the market.

Apple’s data security technologies are superior

iOS, the operating system that runs your iPhone, encrypts your hard disk as you use it. If you decide to sell or recycle your phone, you won’t need to spend endless hours writing zeros to your drive. Enabling the “Erase Data” option on your iPhone allows you to delete your encryption keys, leaving your hard drive filled with unreadable data.

Be careful before enabling the “Erase Data” option, though, because it also means your encryption keys will be destroyed after 10 incorrect unlock attempts. It’s probably not a good idea to enable this feature if your kids have access to your phone. If you lose all your data, the only way to retrieve it is through a full restore, provided you’ve enabled data protection.

How encryption keys work

Encryption experts at Virtru explain, “Encryption uses a random string of characters called a key to transform data into an unreadable form. That data remains unreadable until it’s decrypted, using the proper key. There are two types of encryption: symmetric-key encryption, which uses a single key to both encrypt and decrypt data, and asymmetric or public key encryption, which uses a public key to encrypt, and a private key to decrypt data.”

Also noted is the importance of using 256-bit encryption (as opposed to 128-bit) to ensure that data remains secure, despite a hacker’s ability to crunch numbers at a superhuman pace.

Apple iOS uses 256-bit encryption

According to Apple’s iOS security guide, “Every iOS device (since the release of the iPhone 3GS) has a dedicated AES 256 crypto engine built into the DMA path between the flash storage and main system memory, making file encryption highly efficient. On A9 or later A-series processors, the flash storage subsystem is on an isolated bus that is only granted access to memory containing user data via the DMA crypto engine."

The guide further states that an AES 256-bit key is fused into the application processor and is specific to each individual device. The key is literally fused into the silicon itself, making it impossible to bypass. Since the key is part of the physical architecture, it’s unreadable by software and firmware. The only data software and firmware can access is the result of what’s been encrypted or decrypted.

iOS facial recognition is optional

If you’re concerned about the vulnerability of the iPhone 8’s facial recognition security, you can still use a standard passcode to lock your phone.

Once released to the public, hackers will have a field day attempting to break the facial recognition security. If it’s breakable, we’ll all hear about it.